<?php
	session_start();
	  include('../include/db_connect.php');
	
	function inDB(){
	$password = md5($_SERVER['PHP_AUTH_PW']);
	$queryL="SELECT idUSERNAME, gebruikers_naam, wachtwoord FROM USERNAME
	                  WHERE BINARY
	                  gebruikers_naam='".$_SERVER['PHP_AUTH_USER']."'
	                  AND
	                  wachtwoord='".$password."'
	                  AND
	                  admin = 1
	                  AND
                  	  status='act'";
	                  
	
	/*
	gebruikers_naam='Muurverf'
	                  //wachtwoord='".$_SERVER['PHP_AUTH_PW']."'";*/
	
	
	$resL=   mysql_query($queryL) or die(mysql_error());
	$usR =   mysql_fetch_array($resL);
	if ($usR===false) return false;
	return $usR['idUSERNAME'];
	}
	
	$usR = inDB();


?>
<style type="text/css">
div#noPermission{
margin-left:auto;
margin-right:auto;
text-align:center;
}
#noPermission a{
text-decoration:none;
color: #000000;
}
#noPermission a:hover{
text-decoration:none;
color: #ff0000;
}
#noPermissionImage a{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #000000;
}
#noPermissionImage a:hover{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop2.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #ff0000;
}
</style>
<?php
	if(!isset($_SERVER['PHP_AUTH_USER'])||$usR===false)
	  {
	    Header("WWW-Authenticate: Basic realm=\"Vul je gebruikersnaam en wachtwoord in\"");
	    Header("HTTP/1.0 401 Unauthorized");
	    echo '<div id="noPermission">';
		echo '<h1> U heeft geen authorisatie om hier te komen.</h1><br>';
		echo '<div id="noPermissionImage">';
		echo '<a href="../index.php"></a>';
		echo '</div>';
		echo '<h1> <a href="../index.php">Klik hierom terug te gaan naar de index site</a> </h1><br>';
		echo '</div>';
	
	   }
	   else{
	    //echo $usR;
?>
<script type="text/javascript">
var current = "1";
function pageSwitch(id){
	if(!document.getElementById) return false;
	var div = document.getElementById("page"+id);
	var curDiv = document.getElementById("page"+current);
	curDiv.style.display = "none";
	div.style.display = "block";
	current = id;
}
</script>
		<style type="text/css" media="screen"><!--
.hiddenDiv {
	display: none;
	}
.visibleDiv {
	display: block;
	border: /1px grey solid;
	}

--></style>		
<?php 
	include ("include/admin_header.php"); 
	include ("include/admin_menu.php");
	include ("../include/db_connect.php");

	echo "<div id='super_main_content'>";
	
	// afhandeling mechanisme
	
	if(isset($_GET['Hidden1'])){
		mysql_query("update BESTELLING set datum_verzonden=NOW(), status='verzonden' where idBESTELLING = ".$_GET['Hidden1']." and datum_verzonden is Null and datum_geannuleerd is NULL") or die("Bestelling is al afgehandeld of geannuleerd");
	}
	//$result1 = mysql_query("select * from orders") or die("Kan niet uitvoeren");
	$result2 = mysql_query("select idBESTELLING,datum_verzonden,status from BESTELLING where DATUM_VERZONDEN is NUll and datum_geannuleerd is null") or die ("Kan niet uitvoeren") ;
	echo "<form action='details.php' method='get'>";
	echo "<b><p>VUL HIER EEN BESTELNUMMER IN  </p></b><input name='bestelnr' type='text' value=''>";
	echo '<input name="Submit1" type="submit" value="zoeken">';
	
	echo "</form><br>";
	
	echo "<table id='product_table' border='1'>";

	echo "<tr>";
	
	// bestelnummer, datum_verzonden, status, details 
	
	echo "<td>Bestelnummer</td><td>Verzonden op</td><td>Status</td><td>Details</td>";
	
	echo "</tr>";
	
	while($orders = mysql_fetch_assoc($result2)){
	echo "<tr>";
	
	echo "<td>".$orders['idBESTELLING']."</td><td>".$orders['datum_verzonden']."</td><td>".$orders['status']."</td>";
	
	echo "<td><a href='details.php?bestelnr=".$orders["idBESTELLING"]."'>details</a></td>";
	echo "</tr>";
	}
	//<td>ordernr</td> <td>datum gemaakt</td> <td> totaal</td> <td> detaillink</td>   <td>afhandelen </td>
		
	echo "</table>";
	
	
	
	echo "</div>";
	include("include/admin_footer.php"); 
	}
?>


